Preventing general access to part or all of a site or blocking a particular user from reading some secure documents, these are all common requirements. All these are provided within the <Limit> directive, this permits access control based on
Source Network (netmask or CIDR)
Bandwidth limiting, this cannot be done on a per server or per VirtualHost basis, there are development plans to try and implement this but within the current architechure it is impossible.
Limiting is only possible at the moment on a per connection basis where the maximum download or upload rate can be specified, in addition to this a "grace" allocation can be given. The effect of this extra allocation is to effectively remove the throttling on small files which are downloaded within the allocation and only throttle larger files.